Healthy.io leverages Amazon Web Services (AWS) and Google Cloud Platform (GCP) encryption mechanisms for most of the services it provides today. In addition, Healthy.io leverages AWS/Google Key Management Systems (KMS) for encryption key creation and security.
Google uses the Advanced Encryption Standard (AES) algorithm to encrypt data at rest. Due to AES’ wide use, it encrypts all data at the storage level with AES256 by default. This is because (1) the National Institute of Standards and Technology (NIST) recommends both AES256 and AES128 for long-term storage use (as of March 2019), and (2) customer compliance requirements often include AES encrypts Data stored across Cloud Storage at the storage level, in Galois/Counter Mode (GCM) in almost all cases. In specific instances, Cipher Block Chaining (CBC) mode uses AES with a hashed message authentication code (HMAC) for authentication; for some replicated files, Counter (CTR) mode uses AES with HMAC.